Covered California is committed to making patient data available and accessible to support clinical care and coordination, decrease health care costs, reduce paperwork, improve outcomes and give patients more control over their health care. To allow for the discovery of timely and reliable information that will aid in a patient or provider’s decision-making processes, Covered California will engage QHP Issuers in actively inspecting, transforming and modeling patient data.
15.01 Data Submission
15.01.1 Covered California and the Contractor recognize the importance of submitting timely and appropriate data for use in improving quality of care.
15.01.2 Contractor must comply with the following data submission requirements: 1) General Data Submission Requirements
a) California law requires the Contractor to provide Covered California with information on cost, quality, and disparities to evaluate the impact of Covered California on the healthcare delivery system and health coverage in California.
b) California law requires the Contractor to provide Covered California with data needed to conduct audits, investigations, inspections, evaluations, analyses, and other activities needed to oversee the operation of Covered California, which may include financial and other data pertaining to Covered California’s oversight obligations. California law further specifies that any such data shall be provided in a form, manner, and frequency specified by Covered California.
c) The Contractor is required to provide Healthcare Evidence Initiative Data (“HEI Data”) that may include, but need not be limited to, data and other information pertaining to quality measures affecting enrollee health and improvements in healthcare care coordination and patient safety. This data may likewise include enrollee claims and encounter data needed to monitor compliance with applicable provisions of this Agreement pertaining to improvements in health equity and disparity reductions, performance improvement strategies, individual payment methods, as well as enrollee- specific financial data needed to evaluate enrollee costs and utilization experiences. Covered California agrees to use HEI Data for only those purposes authorized by applicable law.
d) The Parties mutually agree and acknowledge that financial and other data needed to evaluate Enrollee costs and utilization experiences shall include, but need not be limited to, information pertaining to contracted provider reimbursement rates and historical data as required by applicable California law.
e) Covered California may, in its sole discretion, require that certain HEI Data submissions be transmitted to Covered California through a vendor (herein, “HEI Vendor”) which will have any and all legal authority to receive and collect such data on Covered California’s behalf. Notwithstanding the foregoing, the parties mutually agree and acknowledge that the form, manner, and frequency wherein Covered California may require the submission of HEI Data may, in Covered California’s discretion, require the use of alternative
methods for the submission of any such data. Such alternative methods may include but need not be limited to data provided indirectly through an alternative vendor or directly to
42 Covered California either via the terms of this Agreement or the certification process for Covered California participation. Covered California will provide Contractor with sufficient notice of any such alternative method.
f) The parties further mutually agree that the aforementioned HEI Data may include information which represents Protected Health Information (PHI) for purposes of the HIPAA Privacy Rule (45 CFR §160.103), and that such data may no longer be subject to the HIPAA Privacy Rule once disclosed by Contractor to HEI Vendor or Covered
California.
2) Healthcare Evidence Initiative Vendor (HEI Vendor)
a) Covered California represents and warrants that any HEI Vendor which, in its sole discretion, Covered California should contract with to assist with its health oversight functions and activities shall have any and all legal authority to provide any such assistance, including but not limited to the authority to collect, store, and process HEI Data subject to this Agreement.
b) The parties acknowledge that any such HEI Vendor shall be retained by and work solely with Covered California and that Covered California shall be responsible for HEI Vendor’s protection, use and disclosure of any such HEI Data.
c) Disclosures of HEI Data to HEI Vendor or to Covered California shall at all times be subject to conditions or requirements imposed under applicable federal or California state law.
3) HIPAA Privacy Rule
a) PHI Disclosures Required by California law:
i) California law requires Contractor to provide HEI Data in a form, manner, and frequency determined by Covered California. Covered California has retained and designated HEI Vendor to collect and receive certain HEI Data information on its behalf.
ii) Accordingly, the parties mutually agree and acknowledge that the disclosure of any HEI Data to Covered California or to HEI Vendor which represents PHI is permissible and consistent with applicable provisions of the HIPAA Privacy Rule which permit Contractor to disclose PHI when such disclosures are required by law (45 CFR §164.512(a)(1)).
b) PHI Disclosures for Health Oversight Activities:
i) The parties mutually agree and acknowledge that applicable California law (CA Gov Code §100503.8) requires Contractor to provide Covered California with HEI Data for the purpose of engaging in health oversight activities and declares Covered
California to be a health oversight agency for purposes of the HIPAA Privacy Rule (CA Gov Code §100503.8).
ii) The HIPAA Privacy Rule defines a “health oversight agency” to consist of a person or entity acting under a legal grant of authority from a health oversight agency (45 CFR §164.501) and HEI Vendor has been granted legal authority to collect and receive HEI Data from Contractor on Covered California’s behalf.
43 iii) Accordingly, the parties mutually acknowledge and agree that the provision of any
HEI Data by Contractor to Covered California or HEI Vendor which represents PHI is permissible under applicable provisions of the HIPAA Privacy Rule which permit the disclosure of PHI for health oversight purposes (45 CFR §164.512(d).
c) Publication of Data and Public Records Act Disclosures
i) The parties mutually acknowledge and agree that California law requires Covered California to publish certain HEI Data provided by Contractor pertaining to its cost reduction efforts, quality improvements, and disparity reductions.
ii) Notwithstanding the foregoing, the parties mutually acknowledge and agree that data shall at all times be disclosed in a manner which protects the Personally Identifiable Information of Contractor’s Enrollees.
iii) The parties further acknowledge and agree that records which reveal contracted rates paid by Contractor to health care providers, as well as any enrollee cost share, claims or encounter data, cost detail, or information pertaining to enrollee payment methods, which can be used to determine contracted rates paid by the Contractor to health care providers shall not at any time be subject to public disclosure and shall at all times be deemed to be exempt from compulsory disclosure under the Public Records Act.
15.02 Data Exchange with Providers
15.02.1 Covered California and the Contractor recognize the critical role of sharing data across
specialties and institutional boundaries as well as between health plans and contracted providers in improving quality of care and successfully managing total costs of care.
15.02.2 The Contractor must report on the following activities to support data exchange with providers in the annual application for certification:
1) The initiatives undertaken to improve routine exchange of timely information with providers to support their delivery of high-quality care. This requirement is supplemental to the mandatory implementation of electronic information exchange of admission, discharge, and transfer events outlined in Article 6, Section 6.03.
2) Describe participation in statewide or regional initiatives that seek to make data exchange routine, including the following Health Information Exchanges:
i) Manifest MedEx (formerly CalIndex)
ii) Los Angeles Network for Enhanced Services (LANES)
iii) Orange County Partnership Regional Health Information Organization (OCPRHIO) iv) San Diego Health Connect
v) Santa Cruz Health Information Exchange vi) Other Health Information Exchange(s)
3) Report number and percent of the following that participate in Health Information Exchanges: i) Individual clinicians
44 The Contractor agrees to engage with Covered California and other stakeholders in discussions regarding a transition to a statewide approach to streamline Health Information Exchange participation and other efforts that could facilitate an improved exchange of data.
15.02.3 The Contractor must use standard processes for encounter data exchange with its contracted providers, which include:
1) The use of the 837-P and 837-I industry standard transaction sets for encounter data intake. These standard transaction sets must include appropriate cost sharing and member out of pocket information.
2) The use of the 277 CA transaction set and industry standard code sets to communicate encounter data that was successfully processed, as well as any encounter data that was rejected and requires resubmission. If the Contractor uses a clearing house to process encounter data and the 277 CA is not utilized, the Contractor must provide a daily detailed file to the clearing house of all rejected records and corresponding reasons for rejections. The Contractor must ensure its contracted providers receive visibility to the specific reasons the encounter data was rejected to allow for both successful resubmissions and any process improvement needed to minimize future rejections.
The Contractor shall participate in industry collaborative initiatives for improving encounter data exchange processes in California.
15.03 Data Aggregation Across Health Plans
15.03.1 Covered California and the Contractor recognize that aggregating data across purchasers and payors to more accurately understand the performance of providers that have contracts with multiple health plans can potentially be used to support performance improvement, contracting and public reporting.
15.03.2 The Contractor shall report in the annual application for certification its participation in initiatives to support the aggregation of claims and clinical data across health plans. The Contractor must include its assessment of additional opportunities to improve measurement and reduce the burden of data collection on health plans and providers through such proposals as a statewide All Payor Claims Database.
15.04 Patient Access Application Programing Interface
15.04.1 Covered California and the Contractor recognize that transparency in health information such as costs and outcomes will promote a value-based health care system. To this intent, Patient Access Application Programming Interface (API) software provides the ability to give patients greater control of their health information and care management.
15.04.2 The Contractor must implement and maintain a secure, standards-based Patient Access API. Specifically, the Contractor must:
1) Implement and maintain a secure, standards-based Patient Access API consistent with the CMS Patient Access final rule for Federally Facilitated Marketplaces.
a) Make the data available to 3rd-party application developers.
b) Using the Fast Healthcare Interoperability Resource (FHIR) standard, make the following types of information available:
i) Claims and encounters including encounters with capitated providers, provider remittance and enrollee cost-sharing data.
45 (1) Must contain all covered services including subcontracted, capitated or delegated
services.
(2) Must contain claims data for payment decision that may be appealed, were appealed or are in the process of appeal.
ii) Clinical data based on the United States Core Data for Interoperability (USCDI) data elements and classes, if maintained by Contractor.
c) Make the information available no later than one (1) business day after it is received by the Contractor.
d) Make API documentation publicly accessible.
e) Must conduct routine testing and monitoring and update as appropriate to ensure API functions properly.
f) Must provide educational materials about privacy and security considerations when selecting a 3rd-party application.
2) Report number and percent of patients accessing their Patient Access API in the annual application for certification.
46 ARTICLE 16